Error message "Cannot complete login due to an incorrect user name or password" while integrating VMware ESX / ESXi host with Log Collector in RSA Security Analytics 10.6.x
Issue
The error message below is reported when the NwVmwareCollector.pl script is run with the -events option against the ESXi host:
[root@xxx vmware-events]# perl /etc/netwitness/ng/logcollection/content/collection/vmware/vmware-events/NwVmwareCollector.pl -events -server <ESXi host IP> -username <username> -password <password> -count 1000
Error: Cannot complete login due to an incorrect user name or password.
Perl exited with active threads:
1 running and unjoined
0 finished and unjoined
0 running and detached
Error: Cannot complete login due to an incorrect user name or password.
Perl exited with active threads:
1 running and unjoined
0 finished and unjoined
0 running and detached
Tasks
Connect directly to the ESXi host by entering its IP address in a browser, and log in with the same credentials used in the script above. The login should fail with the same error (shown below) as seen when running the script.
Cannot complete login due to an incorrect user name or password.
Resolution
Step 1 of the VMware ESX-ESXi Event Source Configuration Guide states:
Log onto the ESXi host using the vSphere Client, with administrative privileges.
However, a customer might unknowingly log in to the vCenter and then create the role and local user and assign the permission there, thinking that all the roles and permissions are being assigned on the ESXi host.
Ensure that all the steps are performed on the ESXi host and not on the vCenter. vCenter access should not be required for this integration to succeed.
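One way to confirm whether an address is an ESXi host or a vCenter before creating the role and user there (an added example, not part of the RSA article or its collector script): the vSphere Web Services API reports apiType HostAgent for a standalone ESXi host and VirtualCenter for a vCenter. The sample responses are constructed, and the function names, the /sdk path and the request headers used in probe are assumptions.

```python
import ssl
import urllib.request
import xml.etree.ElementTree as ET

# RetrieveServiceContent needs no login, so it works before any user exists.
SOAP_BODY = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Body><RetrieveServiceContent xmlns="urn:vim25">'
    '<_this type="ServiceInstance">ServiceInstance</_this>'
    '</RetrieveServiceContent></soapenv:Body></soapenv:Envelope>'
)

# Constructed sample responses, trimmed to the <about> fields used here.
SAMPLE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Body><RetrieveServiceContentResponse xmlns="urn:vim25"><returnval>'
    '<about><fullName>{name}</fullName><apiType>{api}</apiType></about>'
    '</returnval></RetrieveServiceContentResponse></soapenv:Body></soapenv:Envelope>'
)
SAMPLE_ESXI = SAMPLE.format(name="VMware ESXi (constructed)", api="HostAgent")
SAMPLE_VCENTER = SAMPLE.format(name="VMware vCenter Server (constructed)", api="VirtualCenter")


def classify(soap_xml):
    """Return (kind, fullName); kind is 'esxi', 'vcenter' or 'unknown'."""
    root = ET.fromstring(soap_xml)
    about = root.find(".//{urn:vim25}about")
    if about is None:
        return ("unknown", "")
    api = about.findtext("{urn:vim25}apiType", default="")
    name = about.findtext("{urn:vim25}fullName", default="")
    kind = {"HostAgent": "esxi", "VirtualCenter": "vcenter"}.get(api, "unknown")
    return (kind, name)


def probe(host, timeout=10):
    """POST the request to https://<host>/sdk (assumed path) and classify the reply."""
    ctx = ssl.create_default_context()  # load the host's CA here if it is self-signed
    req = urllib.request.Request(
        f"https://{host}/sdk", data=SOAP_BODY.encode(),
        headers={"Content-Type": "text/xml; charset=utf-8"},
    )
    with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
        return classify(resp.read())


if __name__ == "__main__":
    for sample in (SAMPLE_ESXI, SAMPLE_VCENTER):
        print(classify(sample))
```

If probe returns "vcenter" for the address where the role and local user were created, repeat the configuration steps on the ESXi host itself.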
Product Details
RSA Product Set: Security Analytics, NetWitness Logs & Network
RSA Product/Service Type: Log Collector
RSA Version/Condition: 10.6.x.x
Platform: CentOS, VMware ESX, VMware ESXi